ENCRYPTION

ASSUME p IS A CHARACTERISTIC;
a, b ARE THE COEFFICIENTS OF AN ELLIPTIC CURVE;
THE ELLIPTIC CURVE IS y^2 = x^3 + ax + b;
G IS THE BASE POINT ON THE CURVE;
r IS THE ORDER OF G;
Mx, My ARE MESSAGES;
G, Ks × G ARE THE PUBLIC KEYS

DECRYPTION

ASSUME p IS A CHARACTERISTIC;
a, b ARE THE COEFFICIENTS OF AN ELLIPTIC CURVE;
THE ELLIPTIC CURVE IS y^2 = x^3 + ax + b;
G IS THE BASE POINT ON THE CURVE;
r IS THE ORDER OF G;
u × G (XO, YO) ARE ENCRYPTED MESSAGES;
Ks IS DEFINED AS A PRIVATE KEY

SESSION KEY Kses (EX. STORAGE OF BLOCK INFORMATION
KEY Kbit, CONTENTS KEY Kcon) THE RECORDING DEVICE
RECEIVED FROM THE RECORD REPRODUCING PLAYER 



RETRIEVE DATA ENCRYPTED WITH THE SESSION KEY Kses 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon) 
FROM THE REGISTER, WHICH IS DECRYPTED
WITH THE SESSION KEY Kses 



S3003



ENCRYPT DATA DECRYPTED WITH THE SESSION KEY Kses 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon)
WITH THE STORAGE KEY Kstr 



S3004



STORE IN THE MEMORY OF THE RECORDING DEVICE DATA 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon)
ENCRYPTED WITH THE STORAGE KEY Kstr



S3005



FIG. 30 



09/937410 



RETRIEVE DATA ENCRYPTED WITH THE STORAGE KEY Kstr 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon)
FROM THE MEMORY OF THE RECORDING DEVICE 






COMMAND Nos. u-y 




S3101



STORE IN THE REGISTER DATA ENCRYPTED WITH THE 
STORAGE KEY Kstr 
(EX. STORAGE OF BLOCK INFORMATION KEY Kbit, 
CONTENTS KEY Kcon) 
RETRIEVED FROM THE MEMORY OF THE RECORDING DEVICE 



S3102



RETRIEVE FROM THE REGISTER DATA 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon) 
ENCRYPTED WITH THE STORAGE KEY Kstr, 
WHICH IS DECRYPTED WITH THE STORAGE KEY Kstr 




S3103



ENCRYPT WITH THE SESSION KEY Kses DATA 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon)
DECRYPTED WITH THE STORAGE KEY Kstr 



S3104



TRANSMIT DATA ENCRYPTED WITH THE 
SESSION KEY Kses DATA 
(EX. BLOCK INFORMATION KEY Kbit, CONTENTS KEY Kcon) 
FROM THE RECORDING DEVICE TO RECORD 
REPRODUCING PLAYER 



S3105



FIG. 31 

FORMAT TYPE 0, 1 DOWNLOADING PROCESS



( START ) 



S101 



MUTUAL AUTHENTICATION 
AND SESSION KEY SHARED 
WITH RECORDING DEVICE 
(CF. FIG. 20) 



S102 



RETRIEVE HEADER 



S103 



CREATE ICVa' FROM CONTENT 
INFORMATION, USAGE POLICY 




S105 



RETRIEVE OR CREATE 
DISTRIBUTION KEY Kdis 



S106 



DECRYPT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon



S107



DECRYPT BLOCK INFORMATION 



S108 



CREATE ICVb' FROM BLOCK 
INFORMATION KEY Kbit, CONTENTS
KEY Kcon, BLOCK INFORMATION 




S110 



CREATES INTERMEDIATE 

CHECK VALUE FROM 
ICVa, ICVb, ICV1... ICVN 



S111



CREATES TOTAL ICVt FROM 
INTERMEDIATE CHECK VALUE 







S113 



RETRIEVE BLOCK DATA 



S114



DECRYPT BLOCK DATA, 
CREATE ICVl' 




S117 



ENCRYPT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon 
WITH SESSION KEY Kses,
AND TRANSMIT THEM TO 
RECORDING DEVICE 



S118



RECEIVE BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon 
ENCRYPTED WITH STORAGE KEY 
Kstr FROM RECORDING DEVICE 




S120 



CREATE INDIVIDUAL CHECK 

VALUE ICVdev FROM 
INTERMEDIATE CHECK VALUE 



S121 



FORM DATA FORMAT TO BE 
STORED IN EXTERNAL MEMORY OF 
RECORDING DEVICE 



S122 



TRANSMIT DATA TO RECORDING 
DEVICE AND STORE IT IN 
EXTERNAL MEMORY LOCATED 
INSIDE THE DEVICE 



FIG. 39 



( END ) 

FORMAT TYPE 2 DOWNLOADING PROCESS



( START ) 



S101



MUTUAL AUTHENTICATION 
AND SESSION KEY SHARED 
WITH RECORDING DEVICE 
(CF. FIG. 20) 



S102



RETRIEVE HEADER 



S103



CREATE ICVa' FROM CONTENT 
INFORMATION, USAGE POLICY 




S105



RETRIEVE OR CREATE 
DISTRIBUTION KEY Kdis 



S106



DECRYPT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon



S107



DECRYPT BLOCK INFORMATION 



S108 



CREATE ICVb' FROM BLOCK 
INFORMATION KEY Kbit, CONTENTS
KEY Kcon, BLOCK INFORMATION



S109 




S151 



RETRIEVE ALL CONTENTS DATA 



S152



CREATES INTERMEDIATE 
CHECK VALUE FROM ICVa,
ICVb, CONTENTS DATA



S111



CREATES TOTAL ICVt' FROM 
INTERMEDIATE CHECK VALUE 




S117



ENCRYPT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon
WITH SESSION KEY Kses,

AND TRANSMIT THEM TO 
RECORDING DEVICE 



S118 



RECEIVE BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon
ENCRYPTED WITH STORAGE KEY 
Kstr FROM RECORDING DEVICE 




S120 



CREATE INDIVIDUAL CHECK 

VALUE ICVdev FROM 
INTERMEDIATE CHECK VALUE 



S121 



FORM DATA FORMAT TO BE
STORED IN EXTERNAL MEMORY OF 
RECORDING DEVICE 



S122 



TRANSMIT DATA TO RECORDING 
DEVICE AND STORE IT IN 
EXTERNAL MEMORY LOCATED 
INSIDE THE DEVICE 



FIG. 40 




( END ) 






FORMAT TYPE 3 DOWNLOADING PROCESS 






( START ) 






S101 



MUTUAL AUTHENTICATION 
AND SESSION KEY SHARED 
WITH RECORDING DEVICE 
(CF. FIG. 20) 



S102 



RETRIEVE HEADER 



S103



CREATE ICVa' FROM CONTENT 
INFORMATION, USAGE POLICY




S105 



RETRIEVE OR CREATE 
DISTRIBUTION KEY Kdis 



S161



DECRYPT BLOCK INFORMATION 
KEY Kbit 



S107 



DECRYPT BLOCK INFORMATION 



S162 



CREATE ICVb' FROM BLOCK 
INFORMATION KEY Kbit, BLOCK
INFORMATION 




S151 



RETRIEVE ALL CONTENTS DATA 



S152 



CREATES INTERMEDIATE 
CHECK VALUE FROM ICVa, 
ICVb, CONTENTS DATA 



S111



CREATES TOTAL ICVt' FROM 
INTERMEDIATE CHECK VALUE 




S163 



DECRYPT BLOCK KEY Kblc 



S164



ENCRYPT BLOCK INFORMATION 

KEY Kbit, BLOCK KEY Kblc
WITH SESSION KEY Kses, AND 
TRANSMIT THEM TO RECORDING 
DEVICE 



S165 



RECEIVE BLOCK INFORMATION 

KEY Kbit, BLOCK KEY Kblc 
ENCRYPTED WITH STORAGE KEY 
Kstr FROM RECORDING DEVICE 




S120



CREATE INDIVIDUAL CHECK 

VALUE ICVdev FROM 
INTERMEDIATE CHECK VALUE 



S121



FORM DATA FORMAT TO BE 
STORED IN EXTERNAL MEMORY OF 
RECORDING DEVICE 



S122



TRANSMIT DATA TO RECORDING 
DEVICE AND STORE IT IN 
EXTERNAL MEMORY LOCATED 
INSIDE THE DEVICE 



FIG. 41 



( END )






FORMAT TYPE 4 DOWNLOADING PROCESS 
( START ) 

S201



MUTUAL AUTHENTICATION AND 
SESSION KEY SHARED WITH 
RECORDING DEVICE(CF. FIG. 20) 



S202



RETRIEVE HEADER 



S203



CREATE ICVa' FROM CONTENTS
INFORMATION, USAGE POLICY 




S205 



TRANSMIT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon
ENCRYPTED WITH STORAGE KEY 
Kstr TO RECORDING DEVICE 



S206



RECEIVE BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon 
ENCRYPTED WITH SESSION KEY 
Kses FROM RECORDING DEVICE 



S207



DECRYPT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon 



S208



DECRYPT BLOCK INFORMATION 



S209



CREATES ICVb' FROM BLOCK 
INFORMATION KEY Kbit, CONTENTS 
KEY Kcon, BLOCK INFORMATION 



S210 




S211 



CREATE INTERMEDIATE CHECK VALUE 
FROM ICVa, ICVb, ICV1... ICVN




S213 



CREATE INDIVIDUAL CHECK VALUE 
ICVdev FROM INTERMEDIATE CHECK VALUE




(A) 

S217



RETRIEVE BLOCK DATA 




S219 



S221 



S223 



FORM CONTENTS ORDINARY 
MESSAGE DATA FOR EXECUTION 
(REPRODUCTION) ON SYSTEM RAM 




S225 



EXECUTE REPRODUCING CONTENTS 
(PROGRAMS, DATA) 



(B)



( END ) 



S215 



CREATES TOTAL ICVt' FROM 
INTERMEDIATE CHECK VALUE 



S216 



(B) 
FIG. 42 

FORMAT TYPE 1 REPRODUCTION PROCESS

( START )



S201 



MUTUAL AUTHENTICATION AND 
SESSION KEY SHARED WITH 
RECORDING DEVICE (CF. FIG. 20)



RETRIEVE HEADER 



S202

S203



CREATE ICVa' FROM CONTENTS 
INFORMATION, USAGE POLICY 




S205 



TRANSMIT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon
ENCRYPTED WITH STORAGE KEY 
Kstr TO RECORDING DEVICE 



S206



RECEIVE BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon 
ENCRYPTED WITH SESSION KEY 
Kses FROM RECORDING DEVICE 



S207

DECRYPT BLOCK INFORMATION
KEY Kbit, CONTENTS KEY Kcon



S208



DECRYPT BLOCK INFORMATION 



S209



CREATES ICVb' FROM BLOCK 
INFORMATION KEY Kbit, CONTENTS 
KEY Kcon, BLOCK INFORMATION




S211



CREATE INTERMEDIATE CHECK VALUE 
FROM ICVa, ICVb, ICV1... ICVN




S213 



CREATE INDIVIDUAL CHECK VALUE 
ICVdev FROM INTERMEDIATE CHECK VALUE 



NO 



S214

ICVdev = ICVdev' ?



(A) 






S217 



RETRIEVE BLOCK DATA 



S231 



DECRYPT ENCRYPTION PART,
CREATE PART ICV 



YES 



CREATE BLOCK ICVl' 






S232 




S223 



FORM CONTENTS ORDINARY 
MESSAGE DATA FOR EXECUTION 
(REPRODUCTION) ON SYSTEM RAM 




S225 



EXECUTE REPRODUCING CONTENTS 
(PROGRAMS, DATA) 



(B)



( END ) 



S215 



CREATES TOTAL ICVt' FROM 
INTERMEDIATE CHECK VALUE 



S216 




(B) 



(A) 

( START )



S201 



MUTUAL AUTHENTICATION AND 
SESSION KEY SHARED WITH 
RECORDING DEVICE(CF. FIG. 20) 



RETRIEVE HEADER 



S202

S203



CREATE ICVa' FROM CONTENTS 
INFORMATION, USAGE POLICY 



S204 




S205 



TRANSMIT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon

ENCRYPTED WITH STORAGE KEY 
Kstr TO RECORDING DEVICE 



S206



RECEIVE BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon
ENCRYPTED WITH SESSION KEY 
Kses FROM RECORDING DEVICE 



DECRYPT BLOCK INFORMATION 
KEY Kbit, CONTENTS KEY Kcon 



S207

S208



DECRYPT BLOCK INFORMATION 



S209



CREATES ICVb' FROM BLOCK 
INFORMATION KEY Kbit, CONTENTS
KEY Kcon, BLOCK INFORMATION




(A) 



S217 



RETRIEVE BLOCK DATA 



S241 



DECRYPT BLOCK KEY Kblc



DECRYPT BLOCK DATA 



S242 



S243 



EXECUTE REPRODUCING CONTENTS 
(PROGRAM, DATA) 




( END ) 



FIG. 44 

FORMAT TYPE 3 REPRODUCTION PROCESS



( START ) 

S201



MUTUAL AUTHENTICATION AND 
SESSION KEY SHARED WITH 
RECORDING DEVICE (CF. FIG. 20) 



S202



RETRIEVE HEADER 



S203



CREATE ICVa' FROM CONTENTS 
INFORMATION, USAGE POLICY 




S251 



TRANSMIT BLOCK INFORMATION 
KEY Kbit ENCRYPTED WITH
STORAGE KEY Kstr TO
RECORDING DEVICE 



S252



RECEIVE BLOCK INFORMATION 
KEY Kbit ENCRYPTED WITH 
SESSION KEY Kses FROM 
RECORDING DEVICE 



S253



DECRYPT BLOCK INFORMATION 
KEY Kbit 



S208



DECRYPT BLOCK INFORMATION 



S254



CREATES ICVb' FROM BLOCK 
INFORMATION KEY Kbit, BLOCK
INFORMATION 




(A) 



S217 



RETRIEVE BLOCK DATA 



S255 



TRANSMIT BLOCK KEY Kblc 
ENCRYPTED WITH STORAGE KEY 
Kstr TO RECORDING DEVICE 



S256 



RECEIVE BLOCK KEY Kblc
ENCRYPTED WITH SESSION KEY 
Kses FROM RECORDING DEVICE 



S257 



DECRYPT BLOCK KEY Kblc 



DECRYPT BLOCK DATA 






S242 



S243 



EXECUTE, REPRODUCE CONTENTS
(PROGRAM, DATA)




( END ) 



FIG. 45 

ICV CREATION
(EX. CONTENTS OFFERER) 



DATA FOR VERIFICATION,
E.G., CONTENTS, ETC.



DELIVER 



ICV CREATION 

SHARED KEY 
Kicv FOR ICV



ICV 



DELIVER 



ICV VERIFIER 
(EX. CONTENTS USER) 



DATA FOR VERIFICATION, 
E.G., CONTENTS, ETC.



ICV CREATION 

SHARED KEY 
Kicv FOR ICV



ICV 



COMPARE 

=? 



ICV 



FIG. 46 



ICV CREATION 
(EX. CONTENTS OFFERER) 



ICV VERIFIER 
(EX. CONTENTS USER) 



DATA FOR VERIFICATION,
E.G., CONTENTS, ETC.



DELIVER 



DATA FOR VERIFICATION,
E.G., CONTENTS, ETC.



CALCULATE 



CREATION'S
PRIVATE
KEY Kpri



ICV CREATION 



CREATION'S
PUBLIC KEY Kpub 



ICV 



DELIVER 



ICV 






CALCULATE 



VERIFIED 
VALUE 



=? COMPARE



VERIFIED 
VALUE' 



FIG. 47 

METHOD TO CREATE INDIVIDUAL KEYS FROM MASTER KEY-(1)

[BASIC FLOW]

CONTENTS CREATION OR ADMINISTRATOR

( START CREATING CONTENTS )

DETERMINED ID (CONTENTS ID)
FOR CONTENTS

S502

CREATE KEYS (EX. DISTRIBUTION
KEY Kdis) FROM MASTER KEY
(EX. MASTER KEY FOR CREATING
DISTRIBUTION KEY: MKdis) AND
CONTENTS ID

S503

ENCRYPT PART OR WHOLE OF
CONTENTS USING A KEY
(EX. DISTRIBUTION KEY Kdis)

(CONTENTS CREATION FINISHED)



USER DEVICE 

( START USING CONTENTS ) 
S504
RETRIEVE CONTENTS ID 



S505

CREATE KEYS (EX. DISTRIBUTION 
KEY Kdis) FROM CONTENTS ID, 
MASTER KEY (EX. MASTER KEY 
FOR CREATING DISTRIBUTION 
KEY: MKdis) 



S506

DECRYPT ENCRYPTED PART OF 

CONTENTS WITH A KEY 
(EX. DISTRIBUTION KEY Kdis) 

S507

USE CONTENTS 



(CONTENTS CREATION FINISHED) 



[KEY POSSESSION COMPOSITION] 

CONTENTS CREATION OR ADMINISTRATOR USER DEVICE 



MASTER KEY (EX. MASTER 
KEY FOR CREATING 
DISTRIBUTION KEY: MKdis) 



CONTENTS ID 



ID PROTECTION 
CONTENTS 



SHARE



MASTER KEY (EX. MASTER 
KEY FOR CREATING 
DISTRIBUTION KEY: MKdis) 



FIG. 50 

METHOD TO CREATE INDIVIDUAL KEYS FROM MASTER KEY-(2)
[BASIC FLOW] 

CONTENTS CREATION OR ADMINISTRATOR USER DEVICE 



( START CREATING CONTENTS) 



DETERMINED ID (CONTENTS ID) 
FOR CONTENTS 






S512 



SELECT MASTER KEY (EX. MASTER 
KEY FOR CREATING DISTRIBUTION 

KEY: MKdis 1...N) FOR 
EQUIPMENT WITH WHICH USE OF 
CONTENTS IS PERMITTED 






S513 



CREATE KEYS (EX. DISTRIBUTION 
KEY Kdis 1...N) FROM MASTER

KEY (EX. MASTER KEY FOR 
CREATING DISTRIBUTION KEY: 
MKdis 1...N) FOR EQUIPMENT 
WITH WHICH USE OF CONTENTS 

IS PERMITTED AND CONTENTS ID 



S514 



MAKE PART OR WHOLE OF 
CONTENTS ENCRYPTED CONTENTS 

C1...N USING KEY (EX.
DISTRIBUTION KEY Kdis 1...N) 



S515 



CONTENTS ID, MASTER KEY
CONTENTS ID, ENCRYPTED 
CONTENTS PUT TOGETHER AS A 
DELIVERY UNIT, CONTENTS 
CREATION FINISHED 




(CONTENTS CREATION FINISHED) 



( START USING CONTENTS ) 



S516

DELIVERED MASTER KEY
CONTENTS ID AND USER'S OWN
MASTER KEY COORDINATED?

END



S517 



RETRIEVE CONTENTS ID 




S518 



CREATE KEY (EX. DISTRIBUTION 
KEY Kdisi) FROM CONTENTS ID 
AND MASTER KEY (EX. MASTER 
KEY FOR CREATING DISTRIBUTION 
KEY: MKdis) 



S519 



DECRYPT ENCRYPTED PART OF 

CONTENTS USING KEY 
(EX. DISTRIBUTION KEY Kdis) 



S520 



USE CONTENTS 



(CONTENTS CREATION FINISHED) 



[KEY POSSESSION COMPOSITION] 

CONTENTS CREATION OR ADMINISTRATOR 



USER DEVICE 



MASTER KEY (EX. MASTER 
KEY FOR CREATING 
DISTRIBUTION KEY: MKdis) 



SHARE



MASTER KEY (EX. MASTER 
KEY FOR CREATING 
DISTRIBUTION KEY: MKdisi) 



CONTENTS ID 



ID PROTECTION 
CONTENTS 



FIG. 51 

METHOD TO CREATE INDIVIDUAL KEYS FROM MASTER KEY-(3)
[BASIC FLOW] 

MEDIA CREATION OR ADMINISTRATOR 



( START CREATING MEDIA ) 



S521 



DETERMINED ID (MEDIA ID) 
FOR MEDIA 



S522 



CREATE A KEY (EX. DISTRIBUTION 

KEY Kdis) FROM MASTER KEY 
(EX. MASTER KEY FOR CREATING 
DISTRIBUTION KEY: MKdis) 
AND MEDIA ID 



S523 



ENCRYPT PART OR WHOLE OF 

CONTENTS USING A KEY 
(EX. DISTRIBUTION KEY Kdis) 



( MEDIA CREATION FINISHED ) 



USER DEVICE 



( START USING MEDIA )



S524 



RETRIEVE MEDIA ID 



S525 



CREATE A KEY (EX. DISTRIBUTION 
KEY Kdis) FROM MEDIA ID, 
MASTER KEY (EX. MASTER KEY 
FOR CREATING DISTRIBUTION 
KEY: MKdis) 






S526 



DECRYPT ENCRYPTED PART OF 

CONTENTS WITH A KEY 
(EX. DISTRIBUTION KEY Kdis) 



S527 



USE CONTENTS 



( MEDIA USE FINISHED )



[KEY POSSESSION COMPOSITION] 

MEDIA CREATION OR ADMINISTRATOR 



MASTER KEY (EX. MASTER KEY 
FOR CREATING DISTRIBUTION 
KEY: MKdis) 



SHARE



USER DEVICE 



MASTER KEY (EX. MASTER KEY 
FOR CREATING DISTRIBUTION 
KEY: MKdis) 




FIG. 53 

METHOD TO CREATE INDIVIDUAL KEYS FROM MASTER KEY-(4)
[BASIC FLOW] 

RECORD REPRODUCING PLAYER USER 



( START STORING CONTENTS )



CREATE A KEY (EX. CONTENTS 
KEY Kcon) FROM MASTER KEY 
(EX. MASTER KEY FOR CREATING 
CONTENTS KEY: MKcon) AND 
RECORD REPRODUCTION 
PLAYER ID 



S532 



ENCRYPT PART OR WHOLE OF 
CONTENTS USING KEY 
(EX. CONTENTS KEY Kcon) 






S533 



STORE ENCRYPTED CONTENTS 
IN RECORDING MEDIUM 



(CONTENTS STORAGE FINISHED) 



SYSTEM ADMINISTRATOR

( START RESTORING PROCESS
ON STORED DATA )



S534 



RETRIEVE RECORD REPRODUCING 
PLAYER ID 



S535 



CREATE A KEY (EX. CONTENTS 

KEY Kcon) FROM RECORD 
REPRODUCING PLAYER ID AND 

MASTER KEY (EX. MASTER 
KEY FOR CREATING CONTENTS 
KEY: MKcon) 



S536 



DECRYPT ENCRYPTED PART OF 
CONTENTS USING A KEY 
(EX. CONTENTS KEY Kcon) 



( RESTORING PROCESS FOR
STORED DATA FINISHED )



[KEY POSSESSION COMPOSITION] 
RECORD REPRODUCING PLAYER USER 



MASTER KEY (EX. MASTER KEY 
FOR CREATING CONTENTS 
KEY: MKcon) 



SHARE 



SYSTEM ADMINISTRATOR 



MASTER KEY (EX. MASTER KEY 
FOR CREATING CONTENTS 
KEY: MKcon)



RECORD 
REPRODUCING 
PLAYER ID 

(2) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING CONTENTS

(3) EXAMPLE OF SAVE DATA STORAGE PROCESS USING

(4) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING

(5) EXAMPLE OF SAVE DATA STORAGE PROCESS USING RECORD REPRODUCING
PLAYER INDIVIDUAL KEY, OR SYSTEM SHARED KEY

(6) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING RECORD
REPRODUCING PLAYER INDIVIDUAL KEY, OR SYSTEM SHARED KEY

(7) EXAMPLE OF SAVE DATA STORAGE PROCESS USING RECORD
REPRODUCING PLAYER IDENTIFIER, OR SYSTEM SHARED KEY



( START SAVE DATA
STORAGE PROCESS )

RETRIEVE CONTENTS
IDENTIFIER (EX. GAME ID)






RETRIEVE RECORD REPRODUCING 
PLAYER IDENTIFIER (IDdev) 



S761 



S762 



CREATE SAVE DATA ENCRYPTION KEY Ksav
BASED ON RECORD REPRODUCING PLAYER 
IDENTIFIER (IDdev) RETRIEVED FROM 
RECORD REPRODUCING PLAYER 



S768

RETRIEVE SYSTEM SHARED KEY
(EX. SYSTEM SIGNATURE KEY
Ksys) FROM RECORD
REPRODUCING PLAYER, AND
CREATE SAVE DATA ENCRYPTION
KEY Ksav BASED ON SYSTEM
SHARED KEY (EX. SYSTEM
SIGNATURE KEY)

S765

ENCRYPT SAVE DATA USING SAVE
DATA ENCRYPTION KEY Ksav






STORE ENCRYPTED SAVE DATA 
IN RECORDING DEVICE 

WRITE CONTENTS IDENTIFIER (GAME ID),
RECORD REPRODUCING PLAYER IDENTIFIER
(ID), [YES/NO] ON RECORD REPRODUCING
PLAYER RESTRICTION IN DATA 
MANAGEMENT FILE 



( SAVE DATA STORAGE
PROCESS FINISHED )



FIG. 78 

(8) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING RECORD
REPRODUCING PLAYER IDENTIFIER, OR SYSTEM SHARED KEY



( START SAVE DATA
REPRODUCTION PROCESS )



S771 



RETRIEVE CONTENTS
IDENTIFIER (EX. GAME ID)




RETRIEVE RECORD REPRODUCING 
PLAYER IDENTIFIER (IDdev) 




S772

S773



RETRIEVE CONTENTS IDENTIFIER (GAME ID),
RECORD REPRODUCING PLAYER IDENTIFIER,
[YES/NO] ON RECORD REPRODUCING PLAYER
RESTRICTION FROM DATA MANAGEMENT FILE
(HOWEVER, IN CASE RECORD REPRODUCING
PLAYER IDENTIFIER IS NOT IDENTIFIED IN
THE SETTING FOR [YES/NO] ON RECORD
REPRODUCING PLAYER RESTRICTION, THEN END)




S775 



CREATE SAVE DATA DECRYPT KEY Ksav BASED 
ON RECORD REPRODUCING PLAYER IDENTIFIER 
(IDdev) RETRIEVED FROM RECORD 
REPRODUCING PLAYER 



S776 



S778 



RETRIEVE SYSTEM SHARED KEY 
(EX. SYSTEM SIGNATURE KEY 

Ksys) FROM RECORD 
REPRODUCING PLAYER, AND 
CREATE SAVE DATA ENCRYPTION 
KEY Ksav BASED ON SYSTEM 
SHARED KEY (EX. SYSTEM 
SIGNATURE KEY) 



DECRYPT SAVE DATA USING SAVE 
DATA DECRYPT KEY Ksav 



S777 



EXECUTE REPRODUCING DECRYPTED SAVE DATA 
BY RECORD REPRODUCING PLAYER 



SAVE DATA STORAGE 
PROCESS FINISHED 

(11) EXAMPLE OF SAVE DATA STORAGE PROCESS USING USER PASSWORD,
OR SYSTEM SHARED KEY



( START SAVE DATA
STORAGE PROCESS )



S821 



RETRIEVE CONTENTS 
IDENTIFIER (EX. GAME ID) 




ENTER USER PASSWORD 



S824 


RETRIEVE SYSTEM SHARED KEY 
(EX. SYSTEM SIGNATURE KEY 

Ksys) FROM RECORD 
REPRODUCING PLAYER, AND 
CREATE SAVE DATA ENCRYPTION 
KEY Ksav BASED ON SYSTEM 
SHARED KEY (EX. SYSTEM 
SIGNATURE KEY)


CREATE SAVE DATA ENCRYPTION KEY Ksav 
BASED ON INPUT USER PASSWORD 


S825 


ENCRYPT SAVE DATA USING SAVE
DATA ENCRYPTION KEY Ksav






STORE ENCRYPTED SAVE DATA 
IN RECORDING DEVICE 


S827 







WRITE CONTENTS IDENTIFIER (GAME ID), 
RECORD REPRODUCING PLAYER IDENTIFIER 
(ID), [YES/NO] ON USER PROGRAM USE
RESTRICTION IN DATA MANAGEMENT FILE 



( SAVE DATA STORAGE
PROCESS FINISHED )



FIG. 83 

(12) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING USER PASSWORD
OR SYSTEM SHARED KEY

( START SAVE DATA
REPRODUCTION PROCESS )



S831 



RETRIEVE CONTENTS 
IDENTIFIER (EX. GAME ID) 



S832 



RETRIEVE CONTENTS IDENTIFIER 
(EX. GAME ID), [YES/NO] ON USER
PROGRAM USE RESTRICTION FROM DATA 
MANAGEMENT FILE 




ENTER USER PASSWORD 






CREATE SAVE DATA DECRYPTION KEY Ksav 
BASED ON INPUT USER PASSWORD 




CREATE SAVE DATA DECRYPTION KEY Ksav
BASED ON INPUT USER PASSWORD




EXECUTE REPRODUCING DECRYPTED SAVE DATA 
WITH RECORD REPRODUCTION PLAYER 







S834 



S837 



RETRIEVE SYSTEM SHARED KEY 
(EX. SYSTEM SIGNATURE KEY 

Ksys) FROM RECORD
REPRODUCING PLAYER, AND
CREATE SAVE DATA DECRYPTION 
KEY Ksav BASED ON SYSTEM 
SHARED KEY (EX. SYSTEM 
SIGNATURE KEY) 



SAVE DATA REPRODUCTION 
PROCESS FINISHED 

CONTENTS OFFERED FROM MEDIA
(DVD, CD, ETC.)



( START ) 



CONTENTS OFFERED 
FROM NETWORK 

( START )



DEMAND CONTENTS FROM MEDIA 



S901 



S902 



S911 



ESTABLISH COMMUNICATION SESSION 
WITH DELIVERY SERVICE SIDE 



OBTAIN REVOCATION LIST INFORMATION 



S903 



VERIFY, PROCESS, EXECUTE REVOCATION
LIST CHECK VALUE ICVrev 




S905 



CREATE INTERMEDIATE CHECK VALUE 
ICVt' FROM REVOCATION LIST CHECK
VALUE ICVrev AND PARTIAL CHECK
VALUE OF CONTENTS DATA, AND VERIFY,
EXECUTE VERIFICATION PROCESS ON
INTERMEDIATE CHECK VALUE




YES 



S908 



START NORMAL PROCESS 
(EX. PROGRAM EXECUTION PROCESS) 






S909 



ERROR 



( END ) 



FIG. 87 

CONTENTS OFFERED FROM RECORDING DEVICE
(MEMORY CARD, ETC.)
( START )

S921

MUTUAL AUTHENTICATION PROCESS 
(CF. FIG. 20) 



S922

MUTUAL
AUTHENTICATION
OK?

S923



OBTAIN REVOCATION LIST INFORMATION 



S924 



VERIFY, PROCESS, EXECUTE REVOCATION
LIST CHECK VALUE ICVrev 




S926

CREATE INTERMEDIATE CHECK VALUE
ICVt' FROM REVOCATION LIST CHECK
VALUE ICVrev AND PARTIAL CHECK
VALUE OF CONTENTS DATA, AND
EXECUTE VERIFICATION PROCESS ON 
INTERMEDIATE CHECK VALUE 




YES 



ERROR 



S930 



S929 



( END ) 



START NORMAL PROCESS 
(EX. PROGRAM EXECUTION PROCESS) 



FIG. 88 

SECURITY CHIP PRODUCTION
PROCESS FLOW 



( START ) 



SET UP DATA WRITING
OR READING MODE






EXECUTE AUTHENTICATION PROCESS 
BASED ON CHIP-INSTALLED
INFORMATION 



S952 




INTERRUPT PROCESS 



READING 



WRITING 



S955 



EXECUTE DATA 
WRITING PROCESS 



S956



EXECUTE DATA 
READING PROCESS 



DATA WRITING PROCESS, OR DATA
READING PROCESS FINISHED 

FIG. 90

START DATA WRITING
PROCESS 



INTERRUPT PROCESS



OUTPUT SECRET DATA IN WRITE ONLY AREA 
AND DATA WRITING COMMAND FOR CHECKING IN 
READING/WRITING (RW) AREA TO PROCESSING UNIT 



S964 



PROCESSING UNIT EXECUTES WRITING SECRET 
DATA IN WRITE ONLY (WO) AREA AND DATA FOR 
CHECKING IN READING/WRITING (RW) AREA 



( DATA WRITING
PROCESS FINISHED )



FIG. 92 

( START CHECKING SECRET DATA
WRITTEN IN WRITE ONLY (WO) AREA )

S971

ENCRYPTION PROCESS EXECUTED IN
PROCESSING UNIT, USING SECRET WRITTEN
DATA IN WRITE ONLY (WO) AREA




S972


RECEIVE RESULT OF ENCRYPTION 
PROCESS FROM PROCESSING UNIT 


S973


COMPARE RESULT OF ENCRYPTION PROCESS 
USING (CONFIRMED) DATA WRITTEN IN

WRITE ONLY (WO) AREA WITH ENCRYPTION 
PROCESS RESULT IN PROCESSING UNIT 




FIG. 93 



Explanation of Reference Numerals 
106 -- main CPU, 107 -- RAM, 108 -- ROM, 109 -- AV processing unit,
110 -- input processing unit, 111 -- PIO, 112 -- SIO,
300 -- record reproduction player, 301 -- control unit,
302 -- encryption processing unit, 303 -- recording device controller,
304 -- read unit, 305 -- communication unit, 306 -- control unit,
307 -- internal memory, 308 -- encryption/decryption unit,
400 -- recording device, 401 -- encryption processing unit,
402 -- external memory, 403 -- control unit, 404 -- communication unit,
405 -- internal memory, 406 -- encryption/decryption unit,
407 -- external memory control unit, 500 -- media,
600 -- communication means,
2101, 2102, 2103 -- record reproduction player,
2104, 2105, 2106 -- recording device,
2901 -- command numbers management unit, 2902 -- command register,
2903, 2904 -- authentication flag, 3001 -- speaker, 3002 -- monitor,
3090 -- memory, 3091 -- contents analyzing unit, 3092 -- data memory unit,
3093 -- program memory unit,
3094 -- compression/decompression processing unit,
7701 -- contents data, 7702 -- revocation list, 7703 -- list check value,
8000 -- security chip, 8001 -- processing unit, 8002 -- memory unit,
8003 -- mode signal line, 8004 -- command signal line,
8201 -- read/write area, 8201 -- write only area